ssl - Mule - java.security.cert.CertificateException : No subject alternative names present

标签 ssl mule

我需要向流发送 HTTPS 请求。为此,在调用流程中,我有一个 HTTPS 出站端点。其配置如下所示:

 <http:request-config name="HTTPS_Request_to_OnPrem"  host="0.0.0.0"  doc:name="HTTP Request Configuration" port="8083"  responseTimeout="30000" protocol="HTTPS">

</http:request-config>

现在暴露 HTTPS 的另一个流程如下所示:

<http:listener-config name="HTTPS_Domain"  host="0.0.0.0" port="8083" doc:name="HTTP Listener Configuration" protocol="HTTPS">
    <tls:context>
        <tls:key-store type="jks" path="keystore" keyPassword="*****" password="*****"/>
    </tls:context>

</http:listener-config>

运行并点击请求时,我的应用程序失败并出现以下错误:

********************************************************************************
Message               : Error sending HTTP request. Message payload is of   type: String
Type                  : org.mule.api.MessagingException
Code                  : MULE_ERROR--2
Payload               : some payload 
JavaDoc               :     http://www.mulesoft.org/docs/site/current3/apidocs/org/mule/api/MessagingException.html

Exception stack is:
1. No subject alternative names present    (java.security.cert.CertificateException)
  sun.security.util.HostnameChecker:142 (null)
2. General SSLEngine problem (javax.net.ssl.SSLHandshakeException)
  sun.security.ssl.Alerts:192    (http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/net/ssl/SSLHandshakeExceptio    n.html)
3. General SSLEngine problem (javax.net.ssl.SSLHandshakeException)
  sun.security.ssl.Handshaker:1336    (http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/net/ssl/SSLHandshakeExceptio    n.html)
4. javax.net.ssl.SSLHandshakeException: General SSLEngine problem     (java.util.concurrent.ExecutionException)
  org.glassfish.grizzly.impl.SafeFutureImpl$Sync:349 (null)
5. java.util.concurrent.ExecutionException:   javax.net.ssl.SSLHandshakeException: General SSLEngine problem     (java.io.IOException)
  org.mule.module.http.internal.request.grizzly.GrizzlyHttpClient:234 (null)
6. Error sending HTTP request. Message payload is of type: String    (org.mule.api.MessagingException)
  org.mule.module.http.internal.request.DefaultHttpRequester:287    (http://www.mulesoft.org/docs/site/current3/apidocs/org/mule/api/MessagingExcepti    on.html)
********************************************************************************
Root Exception stack trace:
java.security.cert.CertificateException: No subject alternative names present
at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:142)
at sun.security.util.HostnameChecker.match(HostnameChecker.java:91)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:347)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:255)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:138)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1433)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:901)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:841)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:839)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1273)
at org.glassfish.grizzly.ssl.SSLUtils.executeDelegatedTask(SSLUtils.java:247)
at org.glassfish.grizzly.ssl.SSLBaseFilter.doHandshakeStep(SSLBaseFilter.java:669)
at org.glassfish.grizzly.ssl.SSLFilter.doHandshakeStep(SSLFilter.java:330)
at org.glassfish.grizzly.ssl.SSLBaseFilter.doHandshakeStep(SSLBaseFilter.java:583)
at org.glassfish.grizzly.ssl.SSLBaseFilter.handleRead(SSLBaseFilter.java:304)
at com.ning.http.client.providers.grizzly.SwitchingSSLFilter.handleRead(SwitchingSSLFilter.java:74)
at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:283)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:200)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:132)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:111)
at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77)
at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:536)
at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:112)
at org.mule.module.http.internal.request.grizzly.FlowWorkManagerIOStrategy.run0(FlowWorkManagerIOStrategy.java:134)
at org.mule.module.http.internal.request.grizzly.FlowWorkManagerIOStrategy.access$100(FlowWorkManagerIOStrategy.java:31)
at org.mule.module.http.internal.request.grizzly.FlowWorkManagerIOStrategy$WorkerThreadRunnable.run(FlowWorkManagerIOStrategy.java:157)
at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:591)
at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:571)
at java.lang.Thread.run(Thread.java:745)

最佳答案

您正在向 0.0.0.0 发送 HTTPS 请求,并且您在那里运行的证书未将 0.0.0.0 列为 SAN .

您应该:

  • 更改请求主机以匹配您的证书中的内容,
  • 在证书中添加 0.0.0.0 的 SAN。

关于ssl - Mule - java.security.cert.CertificateException : No subject alternative names present,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/36176464/

上一篇:amazon-web-services - 续订 IAM SSL 服务器证书

下一篇:email - 使用 TLS 的 ColdFusion 电子邮件设置

相关文章:

java - 提取服务器证书

java - 在 Mule CE 3.5 (Anypoint) 中执行 MSSQL 存储过程

mule - 从出站 HTTP 调用中删除 MULE_SESSION header

java - 用于检查 json 文件的 mule 表达式

sql - MuleSoft 和 SQL Server 数据库连接失败

node.js - 无法在 express.js 中设置 https

SSL 证书在连接时过期

delphi - 如何仅支持 TLS 1.1 和 1.2(在我的网络服务中)?

.htaccess - 强制 SSL 时面对 WHMCS SSL 重定向循环

comparison - Mule 社区版与企业版 - 功能比较?

©2024 IT工具网  联系我们